They're building the walls and fitting the locks. Soon they'll take away the keys...
Down-vote button is here btw:
. . . . . . V
51 posts • joined 18 Dec 2007
They're building the walls and fitting the locks. Soon they'll take away the keys...
Down-vote button is here btw:
. . . . . . V
...from my pov:
To reach every site, or be reachable from every potential client, you need an IPV4 address. If you have an IPV4 address, you don't need an IPV6 address. Adding an IPV6 address is > 0 effort/cost/hassle/risk, so why bother.
Some actors have been too aggressive in pushing IPV6 by default, before it was (is?) sensible to use it. This leads to a "disable IPV6 and it works" mindset. And because there is generally no simple way to say "prefer IPV4", IPV6 gets nuked at the lowest level, never to be seen or herd of again.
Even if you could, and they did, good luck getting credit / buying a house / car / burger once you have no credit references.
Despite the downvotes, this is exactly the endgame publishers want: end-to-end control over the delivery and presentation of their (precious) content. They may or may not fully achieve it, but we're certainly well on the road towards it: First HTTPS to protect it in transit, now lockdown of the presentation. The final stage will be browsers refusing to display content that's not "approved" (they're already getting antsy about http sites), then we'll be back to the TV delivery model, with a huge cost of entry and only a few big players to control.
"I'll just use a free browser then"... But you'll only be able to view hobby sites with it, as all the mainstream sites will be locked out, so most people won't bother.
"If they block adblockers there will be an outcry"... but the vast majority of people don't care. They happily pay subscription TV services to watch ads, why should the web be any different.
As soon as there's an option to protect sites it will be used, whatever the content. The age of web-TV is coming - sit and consume what's served up by your masters, no looking behind the curtains, no "fake news" from unapproved sources.
Don't agree? Time to accept that the internet is now a utility. Mainstream, regulated, sanitized and in the hands of the big boys. The open internet we grew up with will be like amateur radio - still available to those who care, but very much a fringe interest.
Is it time to leave Earth yet, Pop?
> But after 22 years
Feck, I'm old!
...soon we'll need a GTX1080 and be fiddling with vsync just to edit text.
(Actually I never use xemacs, only the text-mode-in-a-terminal-under-screen flavour)
We got a mail "Easily Security Update" yesterday that went in the "could be a phishing attempt" pile as it was peppered with crap like "Click the “Forgotten Login/Password” [www.mmtrack43.co.uk] button". The only worrying aspect was that it was sent to the unique address used only for our Easily account - was it sent by the hackers to get the info they missed while they were in...?
(WTF is mmtrack43.co.uk? Google for "mmtrack43.co.uk" brings up a lot of links about Blueleaf Plants. mmtrack.co.uk seems to be some sort of mailing manager, but nothing that gives any confidence it's legitimate).
Maybe I'm not thinking it through all the way, why wouldn't this solve the problem?
$badBoys don't obey the law. It only needs you to be suckered by one biometric validating app that keeps your plaintext and you're sol.
Three problems with biometrics.
1) The human body isn't suited to being machine-readable. This means either the match is fussy (got a cold? No cookies for you today) or lax (1-in-100-or-less false positives). Most systems tend to the latter, else they're deemed to "not work".
2) You only have one identity. Different finger for each website is a bit limiting, and once you've given your DNA sample to $badBoys (via cutekittens.org) they can impersonate you anywhere, forever.
3) You can't change your biometric identity. Once it's compromised - tough.
Proper 2-factor authentication is the way to go (i.e. something you have and something you know, not something you know and something else you know asked in a really awkward way, as some sites seem to think...)
fuzzy green meat is bad for you...
What you're supposed to do in IPv6 is to maintain an internal network like you do before using Unique Local Addresses (fec0::/10) and let the firewall do the translating for you like it does now for NAT
But don't the IPV6 high priests denounce NAT?
Damn, almost got a little excited there ;)
Just go look in your browser certificate store and see world+dog being trusted. That's why they had to introduce Extended Validation certificates - for sites that really really (cross-my-heart-and-hope-to-die) want you to think they are secure.
A false sense of security is worse than no security. On an http site you know anyone could be viewing and tampering with your data. Deal with it. On a plain https site your best bet is to assume the same.
Raspberry Pi turns out to be a bit of a success.
Thousands of kids are getting to use Linux and possibly liking it.
Original Pi is too weedy to run Windows.
Let's have a chat with the Pi Foundation and become buddies...
New Pi released with 6x the CPU and 4x the RAM. (For the same price?!)
Get a sawn-off version of windows running on it ("runs apps written in HTML", wtf?)
"Developers will need PowerShell running on a connected PC". There's the payback / lock-in.
Have chat with our buddies that run the National Curriculum and get some Windows-based Pi modules made mandatory.
All Pi's in schools must run Windows. Putting Linux on them is forbidden as a security risk / hackers training tool.
Damn, that takes more than three steps. Ah well....
...the hamster needs an Orange Frutie Ice lolly and a fastboot.
...if the internet we connect to is real any more, or just an elaborate simulation by a cartel of the big ISPs, Google and the NSA. We know all our web traffic is proxied, email is proxied, DNS is proxied. I wonder if every packet we send is going to a server at the local ISP and triggering some emulation that may or may not make a real connection to the outside world to get the date we seek.
[Nurse! The medication! Stat!]
Bollx. That was West Gorton. The original Chatsworth estate was right opposite the old ICL factory (IT angle to this comment!) before they moved into studios because filming was too dangerous...
VME SESSION STARTS AT 17:00:07
THE EXISTING CONTEXTS FOR THE REQUIRED NODETYPE DEFINES THE STARTING POINTS FROM WHICH SELECTIONS MAY BE PERFORMED,THE SYNTAX OF THE SUPPLIED HIERARCHIC NAME IS SUCH THAT NO MEANINGFUL SELECTIONS MAY BE MADE FROM THE EXISTING POINTS FOR THE REQUIRED HIERARCHIC NAME
"Stateful systems aren't equipped to handle distributed state, thus pretty much any system that isn't an endpoint of a MCTCP connection is useless at doing anything besides simply forwarding the packets."
Correct. That's all they're supposed to be doing.
How is this different from a VPN (other than performance considerations)? Or spread-spectrum radio?
If the price was reasonable and IF it really did mean no ads (unlike a certain subscription TV service...).
(yes it would be nice if the original artists got a cut, but that's probably not going to happen. They did sign their rights away when they sold out to The Man. Maybe the next generation will sell directly to their fans and cut out the leeches.)
Remember how long BT dragged their heels providing internet access in the first place? First with dial-up by not providing sufficient line capacity to these upstart ISPs and DAXing domestic lines when everyone wanted a second line for internet use. Then broadband...
There are only two last mile providers in the UK - BT (ok Openreach, but that's just bean-counter fiction) and Virgin, and they have precisely no incentive to open their networks to anyone. They only need to play the "Think of the Children" card and the government will be happy to let them be nanny to everyone's internet. Actually they already do.
And why else do the carriers prefer to implement NAT rather than IPV6? Couldn't be that NAT makes the internet look more like the traditional broadcast model (provider to consumer) could it?
"They" won't be happy until the internet is dragged back to being a cable TV service, where content providers (Facebook, Netflix, ebay, Amazon, BBC etc.) pay the carriers to take their content and the punters pay the carriers for access to "Approved" services. Google takes their cut by stuffing adverts into everyone's feed. No peer-to-peer, don't want the plebs making their own voice heard. Only the big boys need apply to join the providers club, and you'll only get into the routing tables if you're in the club.
I give it 5 years.
iii) Provide adequate parking at a reasonable price, instead of closing off car parks and jacking up the price "to encourage use of alternative methods of transport."
Another small step towards the internet becoming a pay-TV service. NAT'd connections are great for consumers, not so great for creators. No, I don't count uploading your life to Facebook as being creative.
Now watch these nice adverts then you can see some cat pictures.
Well I had to patch squid to prefer IPV4 because youtube was unusable over IPV6 last time we tried this.
If you're stuck on 512Kbit ADSL it may be ok, but on 50/100MBit+ cable there is no way a free public tunnelbroker is going to keep up, or be willing to try if/when demand rises beyond a few spotty geeks playing with a curious new toy.
And I'm not sure exactly what the AUP is for the one I use, but I dobut they'd be happy with me pulling several GBytes/day through their free service.
I still have to configure my proxy to prefer the IPV4 address when a site offers both. Why? Well for me, like I expect 99% of people, IPV6 connectivity is via a tunnel over an IPV4 link. So I either have a fast IPV4 connection to the site or a slow IPV6 one.
When more sites offer both IPV4 and IPV6 addresses, anyone who's experimented with IPV6 will rapidly start to disable their IPV6 connectivity once they figure out why everything has slowed down.
I predict "Your internet is slow?" "Have you disabled IPv6?" will become a common exchange :(
If IPV6 is to take off, the last-mile ISPs need to support it. Anything else and it's just an academic experiment.
Or if you must have a technical solution to a social problem:
1) Register ".kids"
2) Hand control of that domain to your favourite nanny organisation
3) Get ISPs to offer a filtering option that only allows access to IP addresses that reverse-lookup to a valid ".kids" address (i.e. 220.127.116.11 -> cbbc.kids -> 18.104.22.168 = ok, else blocked)
Even if the games and media companies manage to eliminate "piracy" and second-hand sales completely they won't be getting a windfall. There's only so much disposable income to go around.
If we have to buy everything at full price most people aren't suddenly going to find 10x the cash to spend on games and media, we'll just get less of it. Actually we may spend less as well, since we'll feel more like we're being ripped off.
SSL encryption is bust, broken and not to be trusted. If the good guys have admitted to having a skeleton-key CA certificate, you can bet the bad guys have them too...
Will these smart meters have a facility to turn your supply off remotely - like if they need to load-shed 'cos the windmills aren't turning and all the proper power stations are in the scrapyard?
We only need one more top-level domain, and that's something like ".kids". Only legitimate, traceable organizations would be allowed to register, and anyone peddling un-wholesome content could be banned and fined. ISPs could easily provide a bullet-proof kiddy filter by only allowing IP traffic to sites that reverse-resolve to the correct address in that domain.That would provide a safe corner of the internet for those needing an electronic baby-sitter, and allow us adults to get on with our business elsewhere.
The whole new TLD nonsense is just holding anyone with a significant internet presence to ransom. Pay us a bucket-load of money or your name will be sold to the highest bidder...
I've always said the internet will eventually turn into a glorified cable TV channel. That's what the media corporations have been pushing for ever since Napster gave them a kick up their backsides all those years ago. They (and governments, and other big corporations) hate user-generated content. Can't think why....
And you can hardly upload a video of your cat to TheirTube these days without getting a copyright warning because a neigbour two doors down had the radio on.
This excellent site (no connection...) shows a very stark picture today - coal and gas FTW, the windmills are doing nothing but looking pretty:
I've been slowly moving to a fully dual-stack network, but have had nothing but problems. The typical advice being to "turn off IPV6". That's not going to help adoption much...
Example: My primary ISP doesn't provide IPV6, and I suspect there isn't a cat in Hades chance of them doing it before I get my bus pass. Hurricane Electric kindly provide me with an IPV6 /48 via a tunnel, that's 65535 x (IPV4 internet address space)^2 worth of addresses. I set up a router and make it the default IPV6 route and it works!
But... YouTube crawls. Why? Well they advertise IPV6 routes, and that takes priority, so rather than using the fast IPV4 link traffic goes via the tunnelbroker. Switch IPV6 off? That's giving in. Change the default routing policy using a bodge called RFC3484 (gai.conf on Linux)? No good - squid doesn't take any notice of this and carries on merrily sending everything it can over IPV6. Current solution, a hacked version of squid that favours IPV4 except for local IPV6 addresses.
Example: Sometimes we get really slow traffic on some links on virtual machines. Turns out there's a bug in the vmxnet3 network driver that makes it ignore the MTU for IPV6 (how??!!). Turning IPV6 off solves it! Or switch to the trusty e1000 driver and lose some performance.
Example: "IPV6 doesn't do NAT". Actually this seems to be more of a religious point than a technical one. The way to avoid having to change all your internal IPs when changing providers is to allocate multiple IPV6 addresses to each interface. Great idea - I'll use the IPV6 private prefix and give all machines a private and public IPV6 address. Can I find a DHCPv6 server that supports multiple addresses? Nope. So we now have IPV4 addresses handed out with DHCP but IPV6 addresses have to be manually configured.
Example: If consumer-level ISP do start giving out IPV6 addresses, will they give out /48's? No chance - that'll eat up IPV6 address prefix space (which isn't that much larger than IPV4 address space) pdq. A /56? Unlikely. A /64? Maybe, but then how do you do routing without some bodge. Less than a /64? Quite possibly!
Better stop there for now - but the point is, IPV6 is still very immature. Yes, the basics work, but try and do anything more complicated and be prepared to hit bugs and lacking implementation. Give it another 10 years and it might be workable. Unfortunately for most people IPV4+NAT works, IPV6 doesn't.
...will be sponsored by the RAFIAA and won't allow storage of mp3's and avi's.
Until Western Digital sues them for patent infringement that is...
> Seriously, the moment Zuckerberg and Co decide to go IPv6 only, IPv6 will take off faster than a class M rocket engine attached to a bog roll.
>The one thing that will push everyone to IPv6 will be when some of the big sites (YouTube, Facebook) go IPv6-only.
These big sites will never go IPV6 *only* in our lifetime. They have no reason to.
> And will the PS3/Xbox360/Wii support IPv6? Of course! That's what FW updates are for!
Won't happen. What possible business case is there for MS/Sony/Nintendo to create a support nightmare when everything is working fine today and will continue to tomorrow. Again these companies have all the IPV4 they need "forever".
No, some multiplayer games won't play well with NAT. They will be fixed (to use a 3rd party server - oh look another means of controlling the consumer. EA love turning their severs off to push everyone onto this years roll of their top-earning cash cow). A lot of multiplayer games do work with NAT, I've run several xboxes behind a local NAT and it's just fine most of the time.
> And of course, the smaller ISPs won't be able to compete, thus they'll get squeezed out of business, leaving the ones that remain free to rip us off with crap service.
I can't see the big ISPs crying about that...
> Non-browser apps? Most of 'em support IPv6 as well!
Disagree. There are a huge number of legacy application that don't. They won't be fixed. They will (and do) work with NAT. They don't work IPV6 only.
> I can't have *decent* IM chat engine without a 3rd party involved
Boo hoo say the telcos!
> I'd love to run my own website at home.
> I can't setup my own Teamspeak server,
So pay a few $ extra for a premium service with an IPV4 address. Kerching!
> Yep, I can see a carrier-NATed Internet being a happy place!
It won't be. The internet will be come cable TV 2.0. A lot of big money wants exactly that.
In the end, I'd love IPV6 to take off - but I fear that it won't and we'll end up in a world of IPV4 NAT pain.
I spent some time recently looking into IPV6 and setting up IPV6 connectivity using the excellent tunnel broker service provided by Hurricane Electric (http://www.tunnelbroker.net/). Got it all working and passed all the connectivity tests. Then I switched it off. Why?
IPV6 is a lame duck. It doesn't work* and isn't available for the majority of internet end users. Will my Xbox 360 /PS3/Wii use IPV6? No. Will most non-browser applications use IPV6? No. Do any of the large consumer ISPs provide IPV6? No. If I put up an IPV6 only website will it get any hits? No.
What will happen is the consumer ISPs will start to hand out NATted IPV4 addresses when things get tight (which might not be for a while: Virgin claim to have sufficient IPV4 addresses "for the foreseeable future"). A lot less will break with IPV4 NAT than with IPV6 (and they'll be quietly happy if some things like P2P do...). They can then sell public IPV4 addresses at a premium - sounds like a business plan to me.
Finally, IPV4 addresses haven't "run out". There are just as many as there were in 1985, just now they're all in private (business) hands rather than with the registries. Trading will happen, as with any commodity. Large ISPs and businesses will get what they need, and sell what they don't.
* Yes, it can be made to work, with some effort. That means the for the majority of users it might as well not work.
I'd like to hope this is part of a master plan to get everyone onto DOCSIS 3.0 ready for IPV6 deployment (ha ha), but I expect their answer to the IPV4 crunch will just be NAT - yay - 100Mbps of content delivery - the internet finally becomes another cable TV service :(
Ra Ra Rasputin...
When will people realise that road pricing is not about revenue (fuel tax covers that just fine) or congestion (which is self-limiting), but is about tracking and restriction of free movement.
Some snafu with squid, firefox and a stray "Transfer-Encoding: chunked" header means DS has been throwing up an error page for the past few weeks. Can't say I'm in a hurry to fix anything.
One complete video fail (no RRoD, just no picture), one failed DVD drive and one E74. Impressed with the repair service though - all fixed under warranty and returned within two weeks from Germany. Must be costing them a packet - the UPS bloke said he spends half his time delivering them.
The PS3? It's collecting dust on a shelf. Sony have really lost it somehow - especially when previously exclusive Sony titles like Tekken are now coming to the 360.
... you mean I can't keep the world a green and fluffy place just by paying more taxes?
Verified by Visa is one* of the reasons I no longer use Barclaycard. Pretty much every time I had to use it the password was not recognised and I had to "reset it", which just meant entering my DOB and a new password, hardly very secure.
* The other reasons are the hair-trigger on their online fraud prevention system, which seems to block every transaction until I spend 10 minutes on the phone to them, and the con-trick they've pulled with the online payments where you're fooled into paying more than you need to if you elect to pay "balance in full" (they include recent transactions not shown on your statement and not required to be paid until the following month).
No such problems with Mastercard (yet...)
...why my typical on-line transaction now goes something like....
<clickety click> Submit order
"Your card has been declined :("
...more time passes
...get to talk to someone with a heavy foreign accent. Give verbal DNA sample. Explain problem. Get transfered to fraud department.
...even more time passes
... get to talk to someone else with a different (but more local) foreign accent. Give verbal DNA sample. Explain problem again. Recite the last few transactions on the card. Blush. Get put on hold. Get told how wonderful their anti-fraud system is for blocking my unusual transaction (with a company I've only placed a few thousand pounds of order with over the last few years). Get told patronisingly that my card is now being unlocked and I can continue to use it in a few minutes time. Get asked if there is anything else they can help me with today. Resist making arrestable suggestion.
Wait a few minutes
Return to site
<clickety click> Submit order
"Your session has expired. For your security blah blah blah..."
Re-enter card details
<clickety click> Submit order
"Thank you for your custom...."
Swear mildly with relief, trying to think how to avoid this pantomime next time.
Yet another country (well it's politicians) fall for the great CFL Con-trick.
They don't last anywhere near as long as they're claimed to.
They're nowhere near as bright as they're claimed to be.
They take forever to get going.
They use more toxic materials (haven't the EU just killed their electronics manufacturing industry by banning lead? Then they mandate the use of mercury-laden light bulbs. WTF)
The total saving in energy from this move is insignificant at best, not even counting manufacture and disposal costs.
Hell, meet Mr. handcart.......
Biting the hand that feeds IT © 1998–2018